Information Disclosure in Dell Wyse Management Suite 3.6.1 and below: Exploiting Error Pages for Sensitive Data Disclosure

Information Disclosure in Dell Wyse Management Suite 3.6.1 and below: Exploiting Error Pages for Sensitive Data Disclosure

CVE-2022-33930 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. An attacker could potentially exploit this vulnerability, leading to the disclosure of certain sensitive information. The attacker may be able to use the exposed information to access and further vulnerability research.

Learn more about our Web Application Penetration Testing UK.